package org.pro.browser.config;


import org.pro.core.authentiction.AbstractChannelSecurityConfig;
import org.pro.core.authentiction.SmsCodeAuthenticationSecurityConfig;
import org.pro.core.authentiction.ValidateCodeSecurityConfig;
import org.pro.core.constant.SecurityConstants;
import org.pro.core.properties.SecurityProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import org.springframework.social.security.SpringSocialConfigurer;



@Configuration
public class BrowserSecurityConfig extends AbstractChannelSecurityConfig {

	@Autowired
	private ValidateCodeSecurityConfig validateCodeSecurityConfig;
	
	@Autowired
	private SecurityProperties securityProperties;
	
	
	@Autowired
	private SmsCodeAuthenticationSecurityConfig smsCodeAuthenticationSecurityConfig;
	
	@Autowired
	private SpringSocialConfigurer qqSocialConfig;

	@Autowired
	private javax.sql.DataSource dataSource;

	/**
	 * 声明记住我的数据获取来源
	 * @return
	 */
	@Bean
	public PersistentTokenRepository persistentTokenRepository() {
		JdbcTokenRepositoryImpl tokenRepository = new JdbcTokenRepositoryImpl();
		tokenRepository.setDataSource(dataSource);
		return tokenRepository;
	}
	@Autowired
	private UserDetailsService userDetailsService;
//	@Autowired
//	private SpringSocialConfigurer socialSecurityConfig;
	

	@Override
	protected void configure(HttpSecurity http) throws Exception {

		applyPasswordAuthenticationConfig(http);
		http.apply(validateCodeSecurityConfig)
			.and()
			.apply(smsCodeAuthenticationSecurityConfig)
			.and()
			.apply(qqSocialConfig)
			.and()
			.rememberMe()
			.tokenRepository(persistentTokenRepository())  //获取cookie
			.tokenValiditySeconds(securityProperties.getBrowser().getRememberExpire())  //设置过期时间
			.userDetailsService(userDetailsService)  //获取到user对象后的服务
			.and()
//			.apply(socialSecurityConfig)
//			.and()
				.authorizeRequests()
				.antMatchers(
						SecurityConstants.DEFAULT_UNAUTHENTICATION_URL,
						SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_MOBILE,
						SecurityConstants.DEFAULT_VALIDATE_CODE_URL_PRIFIX+"/*",
						securityProperties.getBrowser().getLoginUrl(),
						securityProperties.getBrowser().getSignUpUrl(),
						"/auth/**",
						"/login/**",
						"/user/regist",
						"/auth/**","/webjars/**","/index**","/**/css/**","/**/js/**","/**/img/**"
						)
				.permitAll()
				.anyRequest().authenticated().and().csrf().disable()
				.apply(smsCodeAuthenticationSecurityConfig);
		// super.configure(http);
	}
	
	
}
